<?php
session_start();
  include('../include/db_connect.php');

function inDB(){
$password = md5($_SERVER['PHP_AUTH_PW']);
$queryL="SELECT idUSERNAME, gebruikers_naam, wachtwoord FROM USERNAME
                  WHERE BINARY
                  gebruikers_naam='".$_SERVER['PHP_AUTH_USER']."'
                  AND
                  wachtwoord='".$password."'
                  AND
                  admin = 1
                  AND
                  status='act'";
                  

/*
gebruikers_naam='Muurverf'
                  //wachtwoord='".$_SERVER['PHP_AUTH_PW']."'";*/


$resL=   mysql_query($queryL) or die(mysql_error());
$usR =   mysql_fetch_array($resL);
if ($usR===false) return false;
return $usR['idUSERNAME'];
}

$usR = inDB();


?>
<style type="text/css">
div#noPermission{
margin-left:auto;
margin-right:auto;
text-align:center;
}
#noPermission a{
text-decoration:none;
color: #000000;
}
#noPermission a:hover{
text-decoration:none;
color: #ff0000;
}
#noPermissionImage a{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #000000;
}
#noPermissionImage a:hover{
margin-top:-30px;
margin-left:auto;
margin-right:auto;
background-image:url('images_admin/icon_stop2.png');
display:block;
width:512px;
height:512px;
text-decoration:none;
color: #ff0000;
}
</style>
<?php
if(!isset($_SERVER['PHP_AUTH_USER'])||$usR===false)
  {
    Header("WWW-Authenticate: Basic realm=\"Vul je gebruikersnaam en wachtwoord in\"");
    Header("HTTP/1.0 401 Unauthorized");
    echo '<div id="noPermission">';
	echo '<h1> U heeft geen authorisatie om hier te komen.</h1><br>';
	echo '<div id="noPermissionImage">';
	echo '<a href="../index.php"></a>';
	echo '</div>';
	echo '<h1> <a href="../index.php">Klik hierom terug te gaan naar de index site</a> </h1><br>';
	echo '</div>';

   }
   else{
    //echo $usR;

?>
<script type="text/javascript">
var current = "1";
function pageSwitch(id){
	if(!document.getElementById) return false;
	var div = document.getElementById("page"+id);
	var curDiv = document.getElementById("page"+current);
	curDiv.style.display = "none";
	div.style.display = "block";
	current = id;
}
</script>
		<style type="text/css" media="screen"><!--
.hiddenDiv {
	display: none;
	}
.visibleDiv {
	display: block;
	border: /1px grey solid;
	}

--></style>
		<!-- Start of Page Header -->
		
	<?php include("include/admin_header.php"); ?>


		<!-- End of Page Header -->
	<?php include("include/admin_menu.php"); ?>

<?php
echo "<div>";

$con = mysql_connect("db1.hosting2go.nl:3306", "m1_f4502769", "passwd1") or die(mysql_error());
	mysql_select_db("m1_f4502769");

/*
$con = mysql_connect("localhost","root","root") or die(mysql_error());
		mysql_select_db("mydb");

*/	
//echo $_SESSION['table'];

/**
hier heb ik eentje van tevoren gedaan omdat de fetch_row statment voor een of ander reden 
de eerst overslaat;
*/
$tablequery = mysql_query("SHOW TABLES FROM m1_f4502769") or die("can tabellen niet ophalen");
$tableresult = mysql_fetch_array($tablequery ) or die("can tabellen niet creeren");

echo "<table border='2'><form method='get' action=''>";
echo "<tr><td><input name='Radio1' type='radio' value=".$tableresult[0]." ></td><td> ".$tableresult[0]."</td></tr>";
	while ($row = mysql_fetch_row($tablequery)) {
		$i=0;
	    echo "<tr><td><input name='Radio1' type='radio' value=".$row[$i]."></td><td>".$row[$i]."</td></tr>";
	    $i++;
	}
echo'<tr><td><input name="rowcount" type="text" value="5"/></td></tr>';
echo "<tr><td><input name='Submit1' type='submit' value='submit' /></form><td></tr></table></br>";


/*
if(!isset($_POST['Submit1'])||!isset($_GET['Radio1']) ){
$_SESSION['table'] = $tableresult[0];
}
*/
//-----------------------------------------------------------
if(isset($_GET['rowcount'])){
$_SESSION['rowcount']=$_GET['rowcount'];
}
if(isset($_SESSION['rowcount'])){
$rowcount = $_SESSION['rowcount'];
}else{
$rowcount = 5 ;
}
//---------------------------------------------------------------
if(isset($_GET['offset'])){
$_SESSION['offset'] = $_GET['offset'];
}
if(isset($_SESSION['offset'])){
$offset=$_SESSION['offset'];
}else{
$offset = 0 ; 
}
//-----------------------------------------------------------------	
if(isset($_GET['Radio1'])){
//	echo"get ja </br>"; 
	$_SESSION['table'] = $_GET['Radio1'];
	$offset = 0;
}
if(isset($_SESSION['table'])){
$table = $_SESSION['table'];
}
//-----------------------------------------------------------------


//echo $_SESSION['table']."</br>";



//echo $table;

/**
dit vooert de query uit zoals delete en *update* met de post variables 
verkregen door de onderstande gerenerende formulier
*/
if (isset($_POST['operation'])){
//		echo"126</br>";
		$P_key = array_keys($_POST);
		//echo count($P_key);
		
		$delquery =" DELETE FROM  ".$table." WHERE ";
		$updquery ="UPDATE ".$table." SET ";
		$insquery = "INSERT INTO ".$table."	 VALUES";
		
			if(isset($_POST['operation'])){
			
//			echo"if ja</br>";
			
				if($_POST['operation']=='del'){
				$delquery = $delquery ." ". $P_key[0]." = '".$_POST[$P_key[0]]."'";

					for($i = 1;$i<(count($P_key)-2); $i++ ){
					$delquery = $delquery ." AND ". $P_key[$i]." = '".$_POST[$P_key[$i]]."'";
						//if($i<(count($P_key)-3))$delquery = $delquery .",";
	
						}
//				echo $delquery;
				mysql_query($delquery) or die("<p>delete niet uitgevoerd <a href='productbeheer.php' >terug</a>  </p></br>".mysql_error());
				
				}
					
		
				elseif($_POST['operation']=='insert'){
					$insquery = $insquery ."( ". /*$P_key[0]." = */"'".$_POST[$P_key[0]]."' , ";
					
					for($i = 1;$i<(count($P_key)-2); $i++ ){
					$insquery = $insquery ."  ". /*$P_key[$i]." = */"'".$_POST[$P_key[$i]]."'";
						if($i<(count($P_key)-3))$insquery = $insquery.",";
						}
						$insquery=$insquery.")";
//				echo $insquery ;
				mysql_query($insquery ) or die("<p>insert niet uitgevoerd <a href='productbeheer.php' >terug</a>  </p></br>".mysql_error());
		
				}

				else{
				
//				echo" else ja </br>";
			
					for($i = 0;$i<(count($P_key)-2); $i++ ){
					$updquery = $updquery ." ". $P_key[$i]." = '".$_POST[$P_key[$i]]."'";
						
						if($i<(count($P_key)-3)) {$updquery = $updquery .",";}
	
						}
				$updquery =$updquery . ' WHERE '.$_POST['operation']; 
				
				
				/*
				for($i = 0;$i<(count($P_key)-2); $i++ ){
				//***dit klopt niet omdat je orginel waardes niet behoud om constraint te bewaren 
				$updquery = $updquery ." AND ". $P_key[$i]." = ".$_POST[$P_key[$i]].",";
				}*/
//			echo $updquery;
			mysql_query($updquery) or die("<p>update niet uitgevoerd <a href='productbeheer.php' >terug</a></p></br>".mysql_error());
			//echo mysql_error($con );
			
			}
			}
}

/*
begin van indexering van lijst

ik will ofset veranderen en dat moet onthouden worden in een sesseion_var dmv a href met get methodes
*/ 

$set = mysql_query("SELECT *  FROM ".$table);
$aantal = mysql_num_rows($set);

if($offset>=$rowcount){ echo "<a href=productbeheer.php?offset=".($offset-$rowcount).">"."vorige"."</a>  ";}
for($i=0;$i<$aantal;$i=$i+$rowcount ){
echo "<a href=productbeheer.php?offset=".$i.">".$i."</a>  ";
}
if($offset<= ($aantal-$rowcount)){echo "<a href=productbeheer.php?offset=".($offset+$rowcount).">"."volgende"."</a>  ";}




/**
begin van lijst tabel
*/
if(isset($table)){

$query = mysql_query("SELECT *  FROM ".$table." "." limit ".$offset.",".$rowcount) or die("foute select stm");


	while ($row = mysql_fetch_assoc($query)) {
	
	   // form moet een name hebben 
	echo "	<form method=POST action='productbeheer.php'>";
	echo "	<table border='1'> ";
	
	$stm=" ";
	$i = 0;
	
		foreach ($row as $kolom => $value){
		
		//is voor de SQL UPDATE set, where conditie 
		$stm=$stm." ".$kolom." ="."\"".$value."\""." ";
			if ($i < (mysql_num_fields($query)-1)){
				$stm=$stm." AND "; $i++;                  
				}
			
		echo"<tr>";  
		echo"<td>".$kolom."</td>";   
		echo"<td><input type='text' name='" . $kolom . "' value=" . $value . "></td>";
		echo"</tr>";
		}
	
	echo"<tr><td><input name='operation' type='radio' value='".$stm."' />update</br> <input name='operation' type='radio' value='del' />delete </br><input name='operation' type='radio' value='insert' />insert</td><td><input type='submit' name='submit' value='submit'></td></tr>";
		
	echo"</table>";
	echo"</form></br>";
	echo "</br>";
//	echo $stm;
	   
	
}
	
}
echo "</div>";
?>


	<?php include("include/admin_footer.php"); 
}
?>
